Hello Renzo. There is no point spending time answering these questions for a version of BIND that is now obsolete. As I suggested in your other post, follow the instructions in the KB article and install 9.20. After that, if you still have questions, come back.
Please also read the documentation at https://bind9.readthedocs.io/en/latest/reference.html , which should hopefully answer many of your questions before you get as far as the list. Cheers, Greg On Mon, 11 Aug 2025 at 16:00, Renzo Marengo <buckroger2...@gmail.com> wrote: > In bind 9.16.23 dnssec-enable is deprecated and my server is only cache > server which forwards all requests; It is not authoritative for any zones. > > Dnssec is used to sign dns requests of my domain or all dns requests which > server makes? > > 0. dnssec-enable no > default is to enable dnssec, but I want to disable I can make it ? > > 1. dnssec-validation no > Can I delete this entry if I wnat to disable dnssec ? > > 2. bindkeys-file "/etc/named.iscdlv.key" > Can I delete this entry ? Eventually Bind would use built-in keys > > 3. managed-keys-directory "/var/named/dynamic" > see above, I can delete this entry because I'm not interesting to > dnssec > > 4. session-keyfile "/run/named/session.key" > I can leave it ? > > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
